What Should Small Businesses in Northern Ohio Pay For IT Support And IT Services?

What Should Small Businesses in Northern Ohio Pay For IT Support And IT Services?

by | Nov 1, 2023 | Newsletter

 

One of the most common questions we get from new prospective clients calling our office is “What do you guys charge for your IT services?”

While price certainly needs to be one consideration, it’s extremely important you make an informed decision and choose the right IT services company instead of using price as the main deciding factor.

This seems obvious, but the reality is that most CEOs/CFOs/etc. don’t really know what questions to ask or what to look for when choosing one IT company over another and therefore put too much weight on the quote.

What you want to avoid is getting lured into a lowball quote from an IT company that is in financial trouble, cutting corners to lower their fees to get you as a client, but then unable to afford to hire experienced, knowledgeable techs, dedicated account managers and the security tools they need to ensure YOU are actually getting the security, stability and service you need.

So, how much is “too much” and what are the signs that someone is underpriced?

Recently, an industry report from Service Leadership, the leading financial benchmarking organization in the IT services industry, revealed that a whopping 28% of MSPs (managed services providers, or IT services companies) were unprofitable, and nearly half of all MSPs were under 10% net profit.

While everyone likes a “bargain,” here are the reasons why “cheaper” is not the advantage you think it is when you choose an underpriced IT company:

  1. They are woefully short-staffed because the biggest expense in any IT company is the technical staff. THAT means if one of their techs quits, they’re quickly overwhelmed and unable to support your account, and response time suffers, not to mention critical security and backup maintenance of your network.
  2. The staff they hire are at the lower end of the pay scale, which means you’re not getting the most competent people working on backing up your data, keeping your network secure and handling the critical operations and data your business needs.
  3. They are very unlikely to have a dedicated account manager and team to work on your account because they can’t afford to hire them.
  4. They are one or two bad months away from going out of business because they have no buffer. That means you could wake up one morning and find yourself without an IT company, scrambling to find a new one.
  5. They are not “operationally mature.” Operational maturity means their business has the people and professional processes aligned to provide the highest level of QUALITY services to the end client (you).

In general, according to Service Leadership, the average “per user” fee for managed IT services is $205.07 to $249.73. Those IT firms with a below-average operational maturity level charge $146.08 to $157.49 per “user” (or employee using a computer or device they are supporting).

As you can see, if someone quotes you $120 a user for managing your network, it might feel like a good deal, but you have to ask yourself how they are able to charge nearly 50% less than IT firms that are operationally mature. The answer is obvious – they’re cutting corners, hiring cheap labor and leaving out critical security and compliance services.

If you want to know what types of questions you should be asking your managed services provider, then click here to download our executive guide, The Northern Ohio Business Owner’s Guide To IT Support Services And Fees.

This report discusses in detail exactly what to look for to get exactly what you need without unnecessary extras, hidden fees and bloated contracts. But most importantly, it will show you how to get the right support you want in order to lower your risk and eliminate the frustration of dealing with a less than competent IT company.

Voice Scam Alert: How to Safeguard Your Business and Loved Ones

Voice Scam Alert: How to Safeguard Your Business and Loved Ones

by | Oct 25, 2023 | Newsletter


“That won’t happen to me” is something many business owners say when discussing cyberscams and the need for adequate protections for their business, but these days it’s getting to be a really, really stupid statement that you definitely don’t want your clients, employees and banker to hear.

Generative artificial intelligence (AI) tools are allowing scammers to produce deepfakes to defraud their targets. Earlier this year, Clive Kabatznik, an investor in Florida, called his local Bank of America representative to discuss a big money transfer he was planning to make.

Immediately after this legitimate call, a scammer called the bank back using an AI-generated deepfake voice of “Clive” to convince the banker to transfer the money to another account. Fortunately, the banker was suspicious enough that no money was transferred, but not everyone is as lucky.

According to a report titled Artificial Imposters by McAfee, a well-established cyber security firm, 77% of AI voice scams were successful in securing money from their target. Even scarier, AI tools can clone a voice from just three seconds of audio.

A UK-based energy firm’s CEO was the victim of a voice scam when he thought he was talking to his boss, the CEO of the parent company based in Germany. The voice on the other end of the line instructed him to send the equivalent of $233,000 to a Hungarian supplier. The voice was so convincing, down to the slight German accent, that the CEO complied without hesitation. By the time they realized what had happened, the money had already been transferred to Mexico and distributed to other locations that weren’t traceable.

But big businesses aren’t the only ones targeted.

Jennifer DeStefano, a mother of a 15-year-old daughter, recounted during a US Senate hearing her terrifying encounter with an AI scammer who used the voice of her daughter to attempt to convince her that the girl had been kidnapped. Fortunately, her daughter was in her bed sleeping at the time, and Jennifer was able to realize it was a scam. Many others aren’t as lucky as Jennifer and are getting scammed by AI voices of grandchildren, children and other loved ones who “urgently need money.”

This approach is still so new that there’s no comprehensive accounting of how often it’s happening, but the CEO of Pindrop, a security company that monitors audio traffic for many of the largest US banks, said he had seen a jump in its prevalence this year – and in the sophistication of scammers’ voice-fraud attempts. Another large voice-authentication vendor, Nuance, saw its first successful deepfake attack on a financial services client late last year.

With the rapid advancement of AI technology and its wider availability as costs come down, coupled with the broad availability of recordings of people’s voices on TikTok, Facebook, Instagram and YouTube, the perfect conditions have been created for voice-related AI scams.

What do you need to do to protect yourself?

For starters, share this article to make sure your staff is aware of these types of scams. Next, instruct them to ALWAYS check with you via a text message or other means BEFORE transferring money. If you’re not a business owner, you can do the same with your family, using a code word or other means of verifying the caller’s legitimacy.

Also, check the caller ID. If it’s something you don’t recognize, or it’s a blocked number, that’s a BIG red flag that it’s a scam. Even if it sounds like them on the other end of the line, hang up and call their phone direct or the place they’re supposed to be (school, office, etc.).

If the person is calling with on-fire urgency and wants money wire-transferred or a Bitcoin payment, that’s another huge red flag. Real emergencies don’t come with highly skeptical payment demands.

In business, you’ve clawed and climbed your way to the top, dodging all sorts of pitfalls and predators that have tried to make you their meal. Such threats are everywhere, and the higher you climb, the more you’ll find hiding behind every tree, every rock and every step. No matter how small and insignificant you might think you are, you ARE a target for someone, and being casual about cyber security and the threats these cybercriminals pose is an absolute surefire way to be robbed.

If you don’t want this to happen to you, click here to request a free Cyber Security Risk Assessment to see just how protected your organization is against known predators. If you haven’t had an independent third party conduct this audit in the last six months, you’re due.

It’s completely free and confidential, without obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, with the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Claim your complimentary Risk Assessment today.

How to Detect and Defend Against Bad Bots

How to Detect and Defend Against Bad Bots

by | Oct 18, 2023 | Newsletter

There is one extremely common threat to our security that nearly everyone has witnessed but hardly anyone talks about – bad bots. These silent attackers are often thought of as annoying spam accounts posting computer-generated comments online. They are so common that most of us tend to scroll by them without noticing, but in reality, bad bots are much more dangerous, particularly for business owners.

 

What Are Bad Bots?

 

Bad bots are software applications that are programmed to run automated tasks with malicious intent, such as brute force attacks, data mining, ad fraud and more. These stealthy assailants are the tireless, automated “employees” of cybercriminals that help them wreak havoc at scale. And they are everywhere. A study by Imperva revealed that of all Internet traffic in 2022, 47.4% was made up of these automated bots.

 

The activities of these bad bots can range from annoying to outright malicious. The most common ones we see that can affect any business are:

 

Reputation Attacks: Bots can be configured to leave comments on your social media or website with malicious codes and links, post provocative or spammy comments, leave scathing reviews and so on, all of which affect consumer trust.

 

Web Scraping: Bad bots can scrape your website for valuable data, such as pricing information or customer reviews, which they might use for various purposes, including undercutting your prices or selling your data to competitors. They could also use it to duplicate your website and set up phishing scams to trick visitors.

 

This can be particularly dangerous for industries with sensitive data, like health care. Bots can scrape sensitive health information, such as patient records, medical history and insurance information, which is often later sold on the dark web for profit.

 

Brute Force Attacks: These bots attempt to gain unauthorized access to your systems by repeatedly guessing passwords, making your accounts vulnerable to breaches. This is a popular tactic against financial services companies. If cybercriminals get access to accounts that contain sensitive financial information, they can open up new credit card accounts.

 

Distributed Denial of Service (DDoS) Attacks: Bad bots can be used to launch DDoS attacks, overwhelming your website or online services with traffic and causing downtime.

 

Ad Fraud: Some bots engage in click fraud, repeatedly clicking on online ads to deplete your advertising budget without delivering real human engagement. This will skew analytics and often lead to poor decision-making for the marketing department.

 

 

Detecting bad bots can be challenging since they often mimic human behavior. The hardest ones to identify are evasive bots, which get their name from their ability to sidestep security by cycling through random IPs, rapidly changing their identities, mimicking human behavior and defeating CAPTCHA challenges. However, there are a few methods to help you identify bad bot attacks:

 

Watch Traffic Patterns: Monitor website traffic patterns for irregularities, such as high traffic from a single IP address or a single region.

 

Monitor All Comments Sections: Check in regularly on social media sites for spam comments or fake bad reviews and delete them.

 

Use CAPTCHA Challenges: Implement CAPTCHA challenges or bot detection tools to filter out automated traffic automatically.

 

Implement Anomaly Detection: Use anomaly detection algorithms to spot unusual behavior, like rapid data scraping or suspicious login attempts.

 

Track Bot Signatures: Maintain a list of known bot signatures and compare incoming traffic against it.

 

If you notice repeated issues, there are a few actions you can take, such as:

 

Educate Your Team: Train your employees to recognize and report suspicious activities, as humans are often the first line of defense. Create a process that includes who to notify and what steps to take when each issue is noticed.

 

Use Bot Detection Solutions: Invest in bot detection software or services that can help identify and block bad bot traffic.

 

Maintain Regular Updates: Keep your software and security systems updated to patch vulnerabilities that bots may exploit.

 

Implement Rate Limiting: Limit the number of requests an IP address can make in a given time frame to thwart scraping attempts.

 

Hire An IT Professional: Bots are tricky. IT companies deal with them regularly and have advanced solutions that can help eliminate these annoying and dangerous issues for you.

 

The impact of bad bots on business owners can be significant and lead to financial losses, reputational damage and legal complications. If you’re worried about bad bots causing a problem for your organization, schedule a FREE Discovery Call and we’ll help figure out where your company is vulnerable and how you can protect yourself and your business today. Click here to book now.

Delegate and Dominate: Key IT Tasks for Business Owners to Outsource

Delegate and Dominate: Key IT Tasks for Business Owners to Outsource

by | Oct 11, 2023 | Newsletter

When you run your own business, it feels like there are never enough hours in the day. Even when you start early and end late, there’s always something else, another e-mail or task, nagging for your attention. If you want to be productive, and ultimately successful, it’s important to prioritize what tasks you’ll allow to fill your schedule. Not everything needs to be or should be done by you.

Easier said than done. One of the issues we frequently see business owners struggle with is to delegate the tasks they don’t need to be doing. “It’s faster if I just do it” and “They won’t do it like I do” are two statements we often hear. For some tasks, that’s probably true, and those should stay on your plate, but when it comes to IT and technology, there are always several tasks business owners are doing themselves that they could and should hand off to someone else.

Some are obvious, like security. Quality cyber security requires 24/7 monitoring, and it’s unrealistic for busy business owners to be able to handle that effectively. They simply have too much to do! Another mistake is when they hand it off to an employee, family member or friend to do for them. These people are typically not qualified to protect you correctly.

However, there are dozens of other to-dos that you might not realize you can hand off to your IT team Here are 10 tasks you can delegate to your IT team so you can focus on running your business.

  1. Fix or Optimize Wi-Fi – Whether your Wi-Fi is down, you need to extend coverage area or something else, you don’t have to crawl around unplugging and plugging your router. Your IT team can handle it.
  2. Install and Set Up Microsoft Teams – If you’re using tools like Zoom, Slack and project management software, moving to Microsoft Teams can enhance productivity. It facilitates direct communication, project management and collaboration and has over 1,900 applications you can use. IT professionals can set all this up for you and train your team how to use it properly.
  3. Manage User Access Permissions and Credentials – Your IT team can handle getting new employees their correct user access, immediately revoking access for fired employees or those who quit and everything in between.
  4. Procuring and Provisioning Devices – If you need laptops, desktops, tablets, mobile devices, etc., sourced for the best price and configured for use, that’s a tech team task.
  5. Providing Tech Support To Employees – No more troubleshooting questions for you! Your team can submit tech tickets for a quick, efficient response from support.
  6. Set Up Dual Monitors – Want to increase productivity and efficiency? IT can set up dual monitors, correctly hooking everything up, so your team can come in and start working instead of trying to DIY it.
  7. Speed Up Computers To Run Efficiently – If your computer is running slow, don’t go to Google looking for tips. Call your IT team. They can help you improve your computer speed.
  8. Install E-mail/Spam Protection – No more filtering out dangerous or annoying spam e-mails; IT will do it for you.
  9. Configure Office Equipment – New printer? No problem. IT can help set it up.
  10. Employee Screen Monitoring – Are your employees working when they say they are? We can help you find out by setting up software to track activity.

And the list goes on. IT providers can also aid with HIPAA, CMMC and PCI compliance, file sharing for external/remote access users, data loss recovery plans, office relocation, cabling and so much more. Most business owners we consult with are surprised by the number of responsibilities a tech team can take on beyond cyber security.

The best thing to do is book a FREE Network Assessment. During this assessment, our team will look at your entire system for areas of opportunity and improvement. We’ll conduct a full audit, provide you with a plan of action to optimize your business for productivity, efficiency and security, and answer any questions you have. Click here to book your Assessment now.

How to Navigate the Chaos of Being Business Leader

How to Navigate the Chaos of Being Business Leader

by | Oct 4, 2023 | Newsletter


It’s a special kind of relentless attack all business owners and managers face: the persistent, crazy, chaotic assault on your time and attention. Seems like business productivity is never what it can be? No one is immune, and every business deals with it. 

Some leaders handle the constant pressure on their attention brilliantly, keeping the team organized and highly productive. But most people struggle with this and feel crushed and overwhelmed by all the things they have to keep track of and do. This goes double if your business is in growth mode and not “standing still” or casually strolling through its existence.

Add to this a remote workforce, and it can be intensely difficult to wrap your head around all the projects, to-dos, deadlines and client deliverables you and your leadership team must manage.

While we as an IT and Managed Services company cannot tell you what projects are most important, we can absolutely help you and your team stay far more organized and allow you to know if the people on your team are properly aligned, prioritizing the right work and focused on the things you want them to focus on. We can also help you organize communication to lessen the chances of a dropped ball or a communication failure, which is by far the #1 reason why problems happen in business.

One of the tools we recommend to clients wanting to get more operational control and clearer communication is Microsoft Teams. There are a lot of reasons why this is a “super tool” for productivity and organizational alignment, but as a bonus, it typically ends up saving our clients quite a bit of money on technology, because it replaces other applications, like Slack, Zoom and dozens of popular project management software, putting all of it into one lower-cost, more secure and more tightly integrated system.

Let me share just a few of the cool features you’ll love in Teams. Keep in mind that this list is far from complete. Microsoft Teams has over 1,900 applications you can pick from to integrate into a Teams Channel to organize information, workflow, tasks, deadlines and documents.

Posts: The “post” feature works a lot like Slack in that it will allow you to post questions, reminders and status updates to everyone on that Team regarding that project. This not only keeps ALL communication for a project in one place, but it creates a history and alerts everyone on the team to what’s going on. This feature saves a lot of money for companies using Slack since it’s native and included in Microsoft Teams.

Tasks By Planner And To-Do: This section of Teams is one of our favorites because it allows you to create “complex” to-do lists where you can assign each item to one or more people; have a progress status, priority and due date; add documents and files; and create a checklist of all the things that need to be done. Better yet, team members who are responsible for the project can provide status updates and check off items that are completed so you know where you are with any particular project.

Video Conferencing: While Teams is not as slick as Zoom, it does have some features that make it better for team collaboration and projects. The biggest advantage over Zoom is that you can hold a video conference, and the recording of the meeting – along with all of the notes, files and links – will remain in that Team for easy reference later on. This can be extremely helpful for people who might not have been able to attend a meeting, making it easy for them to find and watch the recording, and it also retains a record of critical conversations. Plus, it eliminates expensive Zoom licenses for all employees because it’s included in Microsoft 365.

File Sharing and Collaboration: Each team or channel in Teams has its own Files tab where team members can upload, store, and access files related to specific projects or discussions. This centralization reduces the need to email files back and forth and ensures that everyone has access to the latest version of a document. Users can share files and documents directly within Teams, making it simple to collaborate on projects without switching between different applications. Multiple team members can work on the same document simultaneously, whether it’s a Word document, Excel spreadsheet, PowerPoint presentation, or other Microsoft 365 file. Changes made by one user are instantly visible to others, fostering seamless teamwork.

Security and Compliance: Teams prioritizes security and compliance. Files shared within Teams are protected using Microsoft’s robust security measures and can be subject to retention policies and data loss prevention rules to ensure regulatory compliance. This means you, as a business owner, can sleep a little easier knowing your files are protected. 

If you want to see a demo of Teams or do a cost analysis to see how implementing this can save your organization/money on Slack, Zoom and other project management software by combining it into one application, click here to schedule a brief call. 

Who Should Be In Charge of Company Compliance?

Who Should Be In Charge of Company Compliance?

by | Sep 27, 2023 | Newsletter


What if you discovered that all of the hard work, investments and time you’ve put into growing your business is at risk due to a failure of your outsourced IT company, or possibly even your well-meaning (but overburdened) IT department? If you were exposed to that level of risk, wouldn’t you want someone to tell you about it?

This article is that wake-up call.

Over the last several years, the risks associated with cyber security attacks have grown in magnitude. They are no longer a low-probability hazard that will result in a minor inconvenience. Businesses of all sizes and types are getting hacked and losing hundreds of thousands of dollars, or even multiple millions, in addition to suffering significant reputational damage and loss of customer goodwill. For some, it’s a business-ending event. For nearly everyone else, it’s a significant financial disaster that can negatively impact profits and revenue for years.

Yet too many CEOs and small business owners are still abdicating critical decisions regarding risk tolerance and compliance policies to their IT company or IT department when these decisions no longer belong there.

For example, let’s suppose you have an employee who refuses to comply with strict data security and password policies and continually fails cyber security awareness training, putting your company at risk for a cyber-attack and compliance violation. Should your IT manager or IT company fire this employee? Reprimand them? Is it even their IT department’s job to manage employee behavior with company data and devices? If you say yes, the question is, when was the last time you met with them to specifically address this issue and direct them on how to monitor and manage it? Likely never – or once, a very long time ago.

Therein lies the problem. Most CEOs would agree that it’s not up to the IT department to make that call, yet many of these same CEOs leave it entirely up to the IT department (or outsourced IT company) to handle the situation and make decisions about what is allowed, what isn’t, how much risk they want to take, etc.

Worse yet, many CEOs aren’t even aware that they SHOULD have such policies in place to ensure your company isn’t compromised or at risk – and it’s not necessarily your IT person’s job to determine what should or shouldn’t be allowed. That’s your job as the CEO.

As another example, many companies have invested in cyber liability, ransomware or crime insurance policies to provide financial relief in the event of a cyber-attack and cover the exorbitant legal, IT and related costs that result when such an event occurs. Yet our experience shows that most insurance agents and brokers do not understand and cannot convey to the CEOs they are selling a policy to the IT requirements needed to secure a policy. Therefore, they never advise their client to make sure they get with their IT provider or internal IT to ENSURE the right protocols are in place, or risk having coverage denied for failure to comply with the requirements in the policy they just sold them.

When a cyber event occurs and the claim gets denied, whose fault is it? The insurance agent for not warning you? Your IT department or company for not putting in place protocols they weren’t even briefed on? Ultimately, it’s on you, which is why you as the CEO must make sure that decisions impacting the risk to your organization are informed ones, not decisions made by default.

Of course, a great IT company will bring these issues to your attention and offer guidance, but most are just keeping the “lights” on and the systems up, NOT consulting their clients on enterprise risk and legal compliance.

If you want to make sure your organization is actually prepared for and protected from the aftermath of a cyber-attack, click here to schedule a private consultation with one of our advisors about your concerns. It’s free of charge and may be extremely eye-opening for you.